+++
title = "Talos Linux"
images = ["images/talos-dev-banner.png"]
+++

<meta name="twitter:card" content="summary_large_image" />
<meta name="twitter:site" content="@SideroLabs" />
<meta name="twitter:title" content="Talos Linux" />
<meta name="twitter:description"
  content="Talos Linux is Linux designed for Kubernetes – secure, immutable, and minimal." />
<meta name="twitter:image" content="https://www.talos.dev/images/talos-dev-banner.png" />

{{< blocks/cover title="Talos Linux" image_anchor="top" color="orange">}}
  <div class="mx-auto">
    <div class="col-12 text-center">
      <img width="250" class="" src="/images/logo.svg" />
    </div>
    <br />
    <h3 class="display-4 text-center mb-3">The Kubernetes Operating System</h3>
  </div>
  {{< /blocks/cover>}}

    <section class="">
      <div class="container">
        <div class="row align-items-center justify-content-center">
          <div class="col-12 col-lg-6">
            <h1 class="display-1 text-center mb-5">What is Talos Linux?</h1>
            <p class="">
              Talos Linux is Linux designed for Kubernetes – secure, immutable, and
              minimal.
            </p>
            <ul class="">
              <li class="">
                Supports cloud platforms, bare metal, and virtualization platforms
              </li>
              <li class="">
                All system management is done via an API. No SSH, shell or console
              </li>
              <li class="">
                Production ready: supports some of the largest Kubernetes clusters
                in the world
              </li>
              <li class="">Open source project from the team at Sidero Labs</li>
            </ul>
            <div class="row align-items-center">
              <div class="col-8">
                <p class="my-5 h5">
                  It only takes 3 minutes to launch a Talos cluster on your laptop
                  inside Docker.
                </p>
              </div>
              <div class="col-4 text-center">
                <a class="btn btn-primary btn-lg my-5"
                  href="https://www.talos.dev/docs/latest/introduction/quickstart/">
                  Try it now
                </a>
              </div>
            </div>
          </div>
        </div>
      </div>
    </section>

    <section class="">
      <div class="container">
        <h2 class="display-2 text-center mb-5">Why Talos Linux?</h2>
        <div class="row mb-5">
          <div class="col-12 col-lg-4">
            <h3 class="display-4 text-center mb-3">Security</h3>
            <p class="">
              Talos reduces your attack surface. It's minimal, hardened and
              immutable. All API access is secured with mutual TLS (mTLS)
              authentication.
            </p>
          </div>
          <div class="col-12 col-lg-4">
            <h3 class="display-4 text-center mb-3">Predictability</h3>
            <p class="">
              Talos eliminates configuration drift, reduces unknown factors by
              employing immutable infrastructure ideology, and delivers atomic
              updates.
            </p>
          </div>
          <div class="col-12 col-lg-4">
            <h3 class="display-4 text-center mb-3">Evolvability</h3>
            <p class="">
              Talos simplifies your architecture, increases your agility, and always
              delivers current stable Kubernetes and Linux versions.
            </p>
          </div>
        </div>
      </div>
    </section>

    <section class="">
      <div class="container">
        <h2 class="display-2 text-center mb-5">Features</h2>
        <div class="row justify-content-center mb-5">
          <div class="col-12 col-lg-4 mb-3">
            <h3 class="display-4 text-center mb-3">Minimal</h3>
            <p class="text-center">
              Talos consists of only a handful of binaries and shared libraries:
              just enough to run containerd and a small set of system services.
            </p>
            <p class="text-center">
              This aligns with NIST's recommendation in the Application Container
              Security Guide.
            </p>
          </div>
          <div class="col-12 col-lg-4 mb-3">
            <h3 class="display-4 text-center mb-3">Hardened</h3>
            <p class="text-center">Hardened by design:</p>
            <ul class="pl-4">
              <li>
                Built with the Kernel Self Protection Project configuration
                recommendations.
              </li>
              <li>All access to the API is secured with Mutual TLS.</li>
              <li>
                Settings and configuration described in the CIS guidelines are
                applied by default.
              </li>
            </ul>
          </div>
          <div class="col-12 col-lg-4 mb-3">
            <h3 class="display-4 text-center mb-3">Immutable</h3>
            <p class="text-center">
              Talos improves security further by mounting the root filesystem as
              read-only and removing any host-level such as a shell and SSH.
            </p>
          </div>
          <div class="col-12 col-lg-4 mb-3">
            <h3 class="display-4 text-center mb-3">Ephemeral</h3>
            <p class="text-center">
              Talos runs in memory from a SquashFS, and persists nothing, leaving
              the primary disk entirely to Kubernetes.
            </p>
          </div>
          <div class="col-12 col-lg-4 mb-3">
            <h3 class="display-4 text-center mb-3">Current</h3>
            <p class="text-center">
              Delivers the latest stable versions of Kubernetes and Linux.
            </p>
          </div>
        </div>
      </div>
    </section>

    <section class="">
      <div class="container">
        <div class="row mb-5">
          <div class="col-12 text-center">
            <img width="142" class="" src="/images/certified-kubernetes-color.png" alt="Certified Kubernetes" />
          </div>
        </div>
        <div class="row">
          <div class="col-12 text-center">
            <img width="250" class="" src="/images/cncf-color.png" alt="Certified Kubernetes" />
            <p class="my-3">
              We are a
              <a class="" href="https://cncf.io/">
                Cloud Native Computing Foundation
              </a>
              member.
            </p>
          </div>
        </div>
      </div>
    </section>